Cybersecurity: What traits to look for in an outsourcing partner
McKinsey, a global management consulting firm, recently investigated the link between security and customer satisfaction and found, “Companies that successfully deliver a remarkable digital experience while also keeping customers’ data safe can see a potential 20 to 35 percent boost in customer satisfaction scores.”
The message is clear – modern consumers value data privacy, but also want personalized service. The right outsourcing partner can help strike that perfect balance, enabling brands to successfully navigate the intersection between security and customer experience.
When selecting a customer experience delivery provider that is right for your business, take the following cybersecurity factors under consideration.
1. Best practices start at the top
The concept of privacy by design was created by Ann Cavoukian in the 1990s, during her 17-year career as the information and privacy commissioner for the Canadian province of Ontario — but it has never been more relevant than in today’s digital age. “Privacy by design advances the view that the future of privacy cannot be assured solely by compliance with regulatory frameworks; rather, privacy assurance must ideally become an organization’s default mode of operation,” Cavoukian wrote.
The idea that privacy should be taken into account at all levels of an organization is echoed in the findings of a recent IBM cybersecurity survey of more than 700 executives across 28 countries. The findings showed that the most secure firms prioritized IT at the executive and board levels, ensuring that it remained the responsibility of all high-level stakeholders.
In short, privacy and cybersecurity can’t be an afterthought. Given its intrinsic ties to both commercial success and risk management, conversations about digital privacy and online security need to start at the C-level. “Company leadership must ensure the investment necessary to establish and maintain credibility with customers,” says Troy Moritz, chief security officer at TELUS International.
2. Compliance and certifications
Third-party assessments can help evaluate an outsourcing partner’s level of vigilance and skills in managing cybersecurity risk. One example of a voluntary certification that provides credibility for an outsourcer’s ecosystem is the Cloud Security Alliance. CSA certification offers validation of a company’s “security posture of cloud offerings.” In the same way, the HITRUST CSF offers a robust certification on healthcare data security and privacy that extends beyond the table-stake US legal requirement HIPAA.
When evaluating a potential partner’s cybersecurity capabilities, Moritz recommends looking for an organization that seeks “third-party certifications and attestations that go above and beyond the standard course of due care.” Organizations that continually seek third-party accreditations demonstrate their commitment to being a leader in this regard.
Security-on-demand, an innovative approach that allows companies to avoid the lag between procurement and implementation in high-growth scenarios, can help brands meet its cybersecurity needs when rapidly scaling their business by providing customized security capabilities at the click of a button.
“It aims to take the same model from cloud storage and Amazon Web Services, and expands it to cybersecurity,” explains Moritz. A partner equipped with security-on-demand capabilities can adapt to customer needs dynamically and quickly.
4. Threat reporting and education
Studies show that humans are the weakest link when it comes to executing a cybersecurity strategy. The best laid plans for customer privacy can easily be thwarted by the singular act of an employee recording secure customer data on a sheet of paper and disposing of it incorrectly.
A customer experience partner should ensure that employees receive ongoing training and education around privacy and security, says Moritz. They should also have an employee hotline in place and empower team members to report colleagues’ improper handling of sensitive information.
Brands should look for a partner with proactive policies in place for handling sensitive client data and an action plan for any breaches that could occur.
5. Less data, fewer problems
Big data is the new way of the business world, but indiscriminately hoarding data without an intended purpose can cause more problems than it solves.
A trusted outsourcing provider will continually assess what they are collecting and storing in order to focus on gathering the minimum amount of data necessary to provide the maximum consumer benefit. It will also have the best technology platforms to store and access customer data safely and securely, which also greatly contributes to protecting customers’ privacy.
Every day, customers share their personal data with brands in exchange for personalized and efficient service with the expectation that it will be safeguarded from digital threats. An outsourcing partner must help maintain that sacred trust as cybersecurity and privacy protection are now an integral part of delivering an excellent customer experience in the digital age.
A full evaluation of a potential contact center outsourcing provider will provide excellent clues as to whether a trusted partnership is feasible, says Moritz. “Ask prospective partners, ‘What is your product?’ If the answer is just ‘great customer service ‘ then think twice.”